package org.xdi.oxauth.util;

import java.util.GregorianCalendar;
import java.util.List;
import org.apache.commons.cli.BasicParser;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.HelpFormatter;
import org.apache.commons.cli.Option;
import org.apache.commons.cli.Options;
import org.apache.commons.cli.ParseException;
import org.apache.log4j.Logger;
import org.apache.logging.log4j.Level;
import org.apache.logging.log4j.status.StatusLogger;
import org.codehaus.jettison.json.JSONObject;
import org.xdi.oxauth.model.crypto.OxAuthCryptoProvider;
import org.xdi.oxauth.model.crypto.OxElevenCryptoProvider;
import org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm;
import org.xdi.oxauth.model.jwk.JSONWebKey;
import org.xdi.oxauth.model.jwk.JSONWebKeySet;
import org.xdi.oxauth.model.jwk.KeyType;
import org.xdi.oxauth.model.jwk.Use;
import org.xdi.oxauth.model.util.SecurityProviderUtility;
import org.xdi.oxauth.model.util.StringUtils;

/* loaded from: input_file:org/xdi/oxauth/util/KeyGenerator.class */
public class KeyGenerator {
    private static final String ALGORITHMS = "algorithms";
    private static final String KEY_STORE_FILE = "keystore";
    private static final String KEY_STORE_PASSWORD = "keypasswd";
    private static final String DN_NAME = "dnname";
    private static final String OXELEVEN_ACCESS_TOKEN = "at";
    private static final String OXELEVEN_GENERATE_KEY_ENDPOINT = "ox11";
    private static final String EXPIRATION = "expiration";
    private static final String HELP = "h";
    private static final Logger log;

    /* loaded from: input_file:org/xdi/oxauth/util/KeyGenerator$Cli.class */
    public static class Cli {
        private String[] args;
        private Options options = new Options();

        public Cli(String[] strArr) {
            this.args = null;
            this.args = strArr;
            Option option = new Option(KeyGenerator.ALGORITHMS, true, "Signature Algorithms (RS256 RS384 RS512 ES256 ES384 ES512).");
            option.setArgs(-2);
            this.options.addOption(option);
            this.options.addOption(KeyGenerator.KEY_STORE_FILE, true, "Key Store file.");
            this.options.addOption(KeyGenerator.KEY_STORE_PASSWORD, true, "Key Store password.");
            this.options.addOption(KeyGenerator.DN_NAME, true, "DN of certificate issuer.");
            this.options.addOption(KeyGenerator.OXELEVEN_ACCESS_TOKEN, true, "oxEleven Access Token");
            this.options.addOption(KeyGenerator.OXELEVEN_GENERATE_KEY_ENDPOINT, true, "oxEleven Generate Key Endpoint.");
            this.options.addOption(KeyGenerator.EXPIRATION, true, "Expiration in days.");
            this.options.addOption(KeyGenerator.HELP, false, "Show help.");
        }

        public void parse() {
            try {
                CommandLine parse = new BasicParser().parse(this.options, this.args);
                if (parse.hasOption(KeyGenerator.HELP)) {
                    help();
                }
                if (parse.hasOption(KeyGenerator.ALGORITHMS) && parse.hasOption(KeyGenerator.OXELEVEN_ACCESS_TOKEN) && parse.hasOption(KeyGenerator.OXELEVEN_GENERATE_KEY_ENDPOINT) && parse.hasOption(KeyGenerator.EXPIRATION)) {
                    String[] optionValues = parse.getOptionValues(KeyGenerator.ALGORITHMS);
                    String optionValue = parse.getOptionValue(KeyGenerator.OXELEVEN_ACCESS_TOKEN);
                    String optionValue2 = parse.getOptionValue(KeyGenerator.OXELEVEN_GENERATE_KEY_ENDPOINT);
                    int parseInt = Integer.parseInt(parse.getOptionValue(KeyGenerator.EXPIRATION));
                    List<SignatureAlgorithm> fromString = SignatureAlgorithm.fromString(optionValues);
                    if (fromString.isEmpty()) {
                        help();
                    } else {
                        try {
                            JSONWebKeySet jSONWebKeySet = new JSONWebKeySet();
                            OxElevenCryptoProvider oxElevenCryptoProvider = new OxElevenCryptoProvider(optionValue, optionValue2, (String) null, (String) null, (String) null);
                            GregorianCalendar gregorianCalendar = new GregorianCalendar();
                            gregorianCalendar.add(5, parseInt);
                            for (SignatureAlgorithm signatureAlgorithm : fromString) {
                                JSONObject generateKey = oxElevenCryptoProvider.generateKey(signatureAlgorithm, Long.valueOf(gregorianCalendar.getTimeInMillis()));
                                JSONWebKey jSONWebKey = new JSONWebKey();
                                jSONWebKey.setKid(generateKey.getString("kid"));
                                jSONWebKey.setUse(Use.SIGNATURE);
                                jSONWebKey.setAlg(signatureAlgorithm);
                                jSONWebKey.setKty(KeyType.fromString(signatureAlgorithm.getFamily().toString()));
                                jSONWebKey.setExp(Long.valueOf(generateKey.optLong("exp")));
                                jSONWebKey.setCrv(signatureAlgorithm.getCurve());
                                jSONWebKey.setN(generateKey.optString("n"));
                                jSONWebKey.setE(generateKey.optString("e"));
                                jSONWebKey.setX(generateKey.optString("x"));
                                jSONWebKey.setY(generateKey.optString("y"));
                                jSONWebKey.setX5c(StringUtils.toList(generateKey.optJSONArray("x5c")));
                                jSONWebKeySet.getKeys().add(jSONWebKey);
                            }
                            System.out.println(jSONWebKeySet);
                        } catch (Exception e) {
                            KeyGenerator.log.error("Failed to generate keys", e);
                            help();
                        }
                    }
                }
                if (parse.hasOption(KeyGenerator.ALGORITHMS) && parse.hasOption(KeyGenerator.KEY_STORE_FILE) && parse.hasOption(KeyGenerator.KEY_STORE_PASSWORD) && parse.hasOption(KeyGenerator.DN_NAME) && parse.hasOption(KeyGenerator.EXPIRATION)) {
                    String[] optionValues2 = parse.getOptionValues(KeyGenerator.ALGORITHMS);
                    String optionValue3 = parse.getOptionValue(KeyGenerator.KEY_STORE_FILE);
                    String optionValue4 = parse.getOptionValue(KeyGenerator.KEY_STORE_PASSWORD);
                    String optionValue5 = parse.getOptionValue(KeyGenerator.DN_NAME);
                    int parseInt2 = Integer.parseInt(parse.getOptionValue(KeyGenerator.EXPIRATION));
                    List<SignatureAlgorithm> fromString2 = SignatureAlgorithm.fromString(optionValues2);
                    if (fromString2.isEmpty()) {
                        help();
                    } else {
                        try {
                            SecurityProviderUtility.installBCProvider(true);
                            JSONWebKeySet jSONWebKeySet2 = new JSONWebKeySet();
                            OxAuthCryptoProvider oxAuthCryptoProvider = new OxAuthCryptoProvider(optionValue3, optionValue4, optionValue5);
                            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
                            gregorianCalendar2.add(5, parseInt2);
                            for (SignatureAlgorithm signatureAlgorithm2 : fromString2) {
                                JSONObject generateKey2 = oxAuthCryptoProvider.generateKey(signatureAlgorithm2, Long.valueOf(gregorianCalendar2.getTimeInMillis()));
                                JSONWebKey jSONWebKey2 = new JSONWebKey();
                                jSONWebKey2.setKid(generateKey2.getString("kid"));
                                jSONWebKey2.setUse(Use.SIGNATURE);
                                jSONWebKey2.setAlg(signatureAlgorithm2);
                                jSONWebKey2.setKty(KeyType.fromString(signatureAlgorithm2.getFamily().toString()));
                                jSONWebKey2.setExp(Long.valueOf(generateKey2.optLong("exp")));
                                jSONWebKey2.setCrv(signatureAlgorithm2.getCurve());
                                jSONWebKey2.setN(generateKey2.optString("n"));
                                jSONWebKey2.setE(generateKey2.optString("e"));
                                jSONWebKey2.setX(generateKey2.optString("x"));
                                jSONWebKey2.setY(generateKey2.optString("y"));
                                jSONWebKey2.setX5c(StringUtils.toList(generateKey2.optJSONArray("x5c")));
                                jSONWebKeySet2.getKeys().add(jSONWebKey2);
                            }
                            System.out.println(jSONWebKeySet2);
                        } catch (Exception e2) {
                            KeyGenerator.log.error("Failed to generate keys", e2);
                            help();
                        }
                    }
                } else {
                    help();
                }
            } catch (ParseException e3) {
                KeyGenerator.log.error("Failed to generate keys", e3);
                help();
            }
        }

        private void help() {
            new HelpFormatter().printHelp("KeyGenerator -algorithms alg ... -expiration n_days [-ox11 url] [-keystore path -keypasswd secret -dnname dn_name]", this.options);
            System.exit(0);
        }
    }

    public static void main(String[] strArr) throws Exception {
        new Cli(strArr).parse();
    }

    static {
        StatusLogger.getLogger().setLevel(Level.OFF);
        log = Logger.getLogger(KeyGenerator.class);
    }
}
